			     BASH PATCH REPORT
			     =================

Bash-Release:	4.4
Patch-ID:	bash44-014

Bug-Reported-by:	Oyvind Hvidsten <oyvind.hvidsten@dhampir.no>	
Bug-Reference-ID:	<c01b7049-925c-9409-d978-e59bf42591f4@dhampir.no>
Bug-Reference-URL:	http://lists.gnu.org/archive/html/bug-bash/2017-12/msg00023.html

Bug-Description:

Under some circumstances, functions that return via the `return' builtin do
not clean up memory they allocated to keep track of FIFOs.

Patch (apply with `patch -p0'):

*** ../bash-20171205/execute_cmd.c	2017-12-08 07:38:28.000000000 -0500
--- execute_cmd.c	2018-01-26 15:23:38.000000000 -0500
***************
*** 727,730 ****
--- 727,732 ----
        ofifo = num_fifos ();
        ofifo_list = copy_fifo_list ((int *)&osize);
+       begin_unwind_frame ("internal_fifos");
+       add_unwind_protect (xfree, ofifo_list);
        saved_fifo = 1;
      }
***************
*** 742,746 ****
  #if defined (PROCESS_SUBSTITUTION)
        if (saved_fifo)
! 	free ((void *)ofifo_list);
  #endif
        return (last_command_exit_value = EXECUTION_FAILURE);
--- 744,751 ----
  #if defined (PROCESS_SUBSTITUTION)
        if (saved_fifo)
!         {
! 	  free ((void *)ofifo_list);
! 	  discard_unwind_frame ("internal_fifos");
!         }
  #endif
        return (last_command_exit_value = EXECUTION_FAILURE);
***************
*** 1061,1064 ****
--- 1066,1070 ----
  	close_new_fifos ((char *)ofifo_list, osize);
        free ((void *)ofifo_list);
+       discard_unwind_frame ("internal_fifos");
      }
  #endif
***************
*** 4978,4984 ****
  #endif
  
! #if defined (PROCESS_SUBSTITUTION)  
    ofifo = num_fifos ();
    ofifo_list = copy_fifo_list (&osize);
  #endif
  
--- 4984,4995 ----
  #endif
  
! #if defined (PROCESS_SUBSTITUTION)
!   begin_unwind_frame ("saved_fifos");
!   /* If we return, we longjmp and don't get a chance to restore the old
!      fifo list, so we add an unwind protect to free it */
    ofifo = num_fifos ();
    ofifo_list = copy_fifo_list (&osize);
+   if (ofifo_list)
+     add_unwind_protect (xfree, ofifo_list);
  #endif
  
***************
*** 5064,5068 ****
    if (nfifo > ofifo)
      close_new_fifos (ofifo_list, osize);
!   free (ofifo_list);
  #endif
  
--- 5075,5081 ----
    if (nfifo > ofifo)
      close_new_fifos (ofifo_list, osize);
!   if (ofifo_list)
!     free (ofifo_list);
!   discard_unwind_frame ("saved_fifos");
  #endif
  
*** ../bash-4.4/patchlevel.h	2016-06-22 14:51:03.000000000 -0400
--- patchlevel.h	2016-10-01 11:01:28.000000000 -0400
***************
*** 26,30 ****
     looks for to find the patch level (for the sccs version string). */
  
! #define PATCHLEVEL 13
  
  #endif /* _PATCHLEVEL_H_ */
--- 26,30 ----
     looks for to find the patch level (for the sccs version string). */
  
! #define PATCHLEVEL 14
  
  #endif /* _PATCHLEVEL_H_ */
